Currently, there exist no standard, regulatory requirements or federal guidelines governing the processing and storage of confidential financial information by the Payment Card Industry (PCI). As a result, several of the larger credit card companies, such as Visa and MasterCard, have privately devised a set of security control standards to be used by PCI entities. Although not a promulgated set of standards or regulations, entities not meeting the PCI control standards can be fined or even denied the right to process credit card information. As a result, virtually every company processing credit card information must meet the PCI control standards. Such standards are extremely restrictive and costly to implement. Where credit card processing or functionality is a core component of the business, an entire corporate network can be made PCI compliant. Such architectures, however, lack flexibility. Additionally, such architectures do not easily accommodate larger entities that provide a variety of service offerings other than the processing of credit card information. In many instances, making an entire corporate network PCI compliant may be cost prohibitive or may result in increased costs to clients.